From db0fee98fd509125b1b5303c44cfb156025beb7a Mon Sep 17 00:00:00 2001
From: Ramon Petgrave <ramon.petgrave64@gmail.com>
Date: Fri, 28 Jun 2024 20:52:36 +0000
Subject: [PATCH 1/2] override autolinker >= 4.0.0 ^4.0.0

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
---
 README.md         |  1 +
 package-lock.json | 54 ++++-------------------------------------------
 package.json      |  3 +++
 3 files changed, 8 insertions(+), 50 deletions(-)

diff --git a/README.md b/README.md
index 9164f18b7..70562d3d4 100644
--- a/README.md
+++ b/README.md
@@ -29,6 +29,7 @@
 - [Verification for GitHub builders](#verification-for-github-builders)
   - [Artifacts](#artifacts)
   - [Containers](#containers)
+    - [The verify-image command](#the-verify-image-command)
   - [npm packages](#npm-packages)
     - [The verify-npm-package command](#the-verify-npm-package-command)
     - [npm packages built using the SLSA3 Node.js builder](#npm-packages-built-using-the-slsa3-nodejs-builder)
diff --git a/package-lock.json b/package-lock.json
index 7f8ec68c6..f8fd585b1 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6019,12 +6019,12 @@
       "dev": true
     },
     "node_modules/autolinker": {
-      "version": "0.28.1",
-      "resolved": "https://registry.npmjs.org/autolinker/-/autolinker-0.28.1.tgz",
-      "integrity": "sha512-zQAFO1Dlsn69eXaO6+7YZc+v84aquQKbwpzCE3L0stj56ERn9hutFxPopViLjo9G+rWwjozRhgS5KJ25Xy19cQ==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/autolinker/-/autolinker-4.0.0.tgz",
+      "integrity": "sha512-fl5Kh6BmEEZx+IWBfEirnRUU5+cOiV0OK7PEt0RBKvJMJ8GaRseIOeDU3FKf4j3CE5HVefcjHmhYPOcaVt0bZw==",
       "dev": true,
       "dependencies": {
-        "gulp-header": "^1.7.1"
+        "tslib": "^2.3.0"
       }
     },
     "node_modules/available-typed-arrays": {
@@ -6595,15 +6595,6 @@
         "typedarray": "^0.0.6"
       }
     },
-    "node_modules/concat-with-sourcemaps": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/concat-with-sourcemaps/-/concat-with-sourcemaps-1.1.0.tgz",
-      "integrity": "sha512-4gEjHJFT9e+2W/77h/DS5SGUgwDaOwprX8L/gl5+3ixnzkVJJsZWDSelmN3Oilw3LNDZjZV0yqH1hLG3k6nghg==",
-      "dev": true,
-      "dependencies": {
-        "source-map": "^0.6.1"
-      }
-    },
     "node_modules/conventional-commits-detector": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/conventional-commits-detector/-/conventional-commits-detector-1.0.3.tgz",
@@ -8145,18 +8136,6 @@
         "node": ">=14.0.0"
       }
     },
-    "node_modules/gulp-header": {
-      "version": "1.8.12",
-      "resolved": "https://registry.npmjs.org/gulp-header/-/gulp-header-1.8.12.tgz",
-      "integrity": "sha512-lh9HLdb53sC7XIZOYzTXM4lFuXElv3EVkSDhsd7DoJBj7hm+Ni7D3qYbb+Rr8DuM8nRanBvkVO9d7askreXGnQ==",
-      "deprecated": "Removed event-stream from gulp-header",
-      "dev": true,
-      "dependencies": {
-        "concat-with-sourcemaps": "*",
-        "lodash.template": "^4.4.0",
-        "through2": "^2.0.0"
-      }
-    },
     "node_modules/handlebars": {
       "version": "4.7.8",
       "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.8.tgz",
@@ -9300,37 +9279,12 @@
       "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
       "dev": true
     },
-    "node_modules/lodash._reinterpolate": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz",
-      "integrity": "sha512-xYHt68QRoYGjeeM/XOE1uJtvXQAgvszfBhjV4yvsQH0u2i9I6cI6c6/eG4Hh3UAOVn0y/xAXwmTzEay49Q//HA==",
-      "dev": true
-    },
     "node_modules/lodash.merge": {
       "version": "4.6.2",
       "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz",
       "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==",
       "dev": true
     },
-    "node_modules/lodash.template": {
-      "version": "4.5.0",
-      "resolved": "https://registry.npmjs.org/lodash.template/-/lodash.template-4.5.0.tgz",
-      "integrity": "sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A==",
-      "dev": true,
-      "dependencies": {
-        "lodash._reinterpolate": "^3.0.0",
-        "lodash.templatesettings": "^4.0.0"
-      }
-    },
-    "node_modules/lodash.templatesettings": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/lodash.templatesettings/-/lodash.templatesettings-4.2.0.tgz",
-      "integrity": "sha512-stgLz+i3Aa9mZgnjr/O+v9ruKZsPsndy7qPZOchbqk2cnTU1ZaldKK+v7m54WoKIyxiuMZTKT2H81F8BeAc3ZQ==",
-      "dev": true,
-      "dependencies": {
-        "lodash._reinterpolate": "^3.0.0"
-      }
-    },
     "node_modules/longest-streak": {
       "version": "2.0.4",
       "resolved": "https://registry.npmjs.org/longest-streak/-/longest-streak-2.0.4.tgz",
diff --git a/package.json b/package.json
index a1767d95a..0fb58c226 100644
--- a/package.json
+++ b/package.json
@@ -6,5 +6,8 @@
   "devDependencies": {
     "markdown-toc": "1.2.0",
     "renovate": "37.374.1"
+  },
+  "overrides": {
+    "autolinker": ">= 4.0.0 ^4.0.0"
   }
 }

From 60c2b9bcf0c9b9ef9e0b4eec33be232cb8f79fcf Mon Sep 17 00:00:00 2001
From: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
Date: Tue, 2 Jul 2024 11:43:12 -0400
Subject: [PATCH 2/2] change to caret

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 0fb58c226..07a6a85f8 100644
--- a/package.json
+++ b/package.json
@@ -8,6 +8,6 @@
     "renovate": "37.374.1"
   },
   "overrides": {
-    "autolinker": ">= 4.0.0 ^4.0.0"
+    "autolinker": "^4.0.0"
   }
 }